js/views/message_view.js in Open Whisper Signal (aka Signal-Desktop) prior to 1.10.1 allows XSS via a URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
signal signal-desktop |
EFF wins another privacy battle, ICE chips off AI spy plan
Roundup Here's your guide to this week's infosec news beyond what we've already covered. US Customs won't getting their massive terror predicting system after all. It's reported that America's immigration cops – ICE – have abandoned its call for the development of an artificially intelligent tool that would be able to predict whether a person entering the country was secretly a terrorist, based on social networking activity. We're told it wasn't outcry over human rights or privacy concerns t...